Lucene search
K

19 matches found

Chainguard
Chainguard
added 2026/04/17 7:17 p.m.7 views

CVE-2024-22262 vulnerabilities

Vulnerabilities for packages: kayenta-fips, kayenta...

8.1CVSS6.7AI score0.01191EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 5:58 p.m.11 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-web-5.3.26.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-web-5.3.26.jar Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on t...

8.1CVSS6.6AI score0.01191EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/11 5:13 p.m.21 views

Security Bulletin: Vulnerability in UriComponentsBuilder affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in UriComponentsBuilder has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information...

8.1CVSS6.4AI score0.02573EPSS
Exploits2Affected Software1
GithubExploit
GithubExploit
added 2024/11/19 8:8 p.m.415 views

Exploit for CVE-2024-22262

Spring CVE-2024-22262 Proof of Concept This repo contains...

8.1CVSS5.9AI score0.01191EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/02 10:10 p.m.39 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to phishing attacks in VMware Tanzu Spring Framework [CVE-2024-22262]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to phishing attacks in VMware Tanzu Spring Framework, caused by an open redirect vulnerability in UriComponentsBuilder CVE-2024-22262. VMware Tanzu Spring Framework is used in our Speech Microservices. This...

8.1CVSS7.6AI score0.01191EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/26 8:24 a.m.59 views

Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2024-22259, CVE-2024-22243, CVE-2024-22262).

Summary Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager CVE-2024-22259, CVE-2024-22243, CVE-2024-22262. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote...

8.1CVSS8.2AI score0.03967EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.42 views

Oracle Primavera Unifier (Jul 2024 CPU)

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Integration Apache James MIME4J. Supported versio...

8.1CVSS6.5AI score0.01191EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.36 views

Oracle MySQL Enterprise Monitor (Jul 2024 CPU)

The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor component Spring Security. A remote unauthenticated attacker could gain unauthorized access t...

8.2CVSS7.1AI score0.23072EPSS
Exploits3References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 3:21 p.m.34 views

Security Bulletin: Vulnerability in VMware Tanzu Spring Framework affects IBM Process Mining CVE-2024-22262

Summary There is a vulnerability in VMware Tanzu Spring Framework that could allow a remote attacker to conduct phishing attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

8.1CVSS7.9AI score0.01191EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/17 8:14 p.m.48 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...

8.2CVSS9.5AI score0.02573EPSS
Exploits5Affected Software1
RedHat Linux
RedHat Linux
added 2024/06/06 4:42 p.m.34 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.6 for Spring Boot security update.

Red Hat build of Apache Camel 3.20.6 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

9.3CVSS6.8AI score0.17673EPSS
Exploits5References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/06 4:53 p.m.48 views

Security Bulletin: VMware Tanzu Spring Framework is vulnerable to multiple security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMWare Tanzu Spring Framework which is vulnerable to multiple security CVEs. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu Spring Framewo...

9.8CVSS8.8AI score0.32257EPSS
Exploits6Affected Software1
Circl
Circl
added 2024/04/18 4:35 a.m.9 views

CVE-2024-22262

creationtimestamp| type| source ---|---|--- 2024-04-18 04:35:44+00:00| seen| https://t.me/arpsyndicate/4683 2025-02-13 19:21:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4331 2025-09-18 10:00:00+00:00| seen|...

8.1CVSS6.5AI score0.01191EPSS
Exploits2References3
vulnersOsv
vulnersOsv
added 2024/04/16 6:30 a.m.12 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +36874 more potentially affected by CVE-2024-22262 via org.springframework:spring-web (>=1.2.1 <=5.3.33)

org.springframework:spring-web MAVEN version =1.2.1, =1.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more Source cves: CVE-2024-22262 Source advisory: OSV:GHSA-2WRP-6FG6-HMC5...

8.1CVSS6.7AI score0.01191EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2024/04/16 6:15 a.m.113 views

CVE-2024-22262

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

8.1CVSS6.7AI score0.01191EPSS
Exploits2References2
Cvelist
Cvelist
added 2024/04/16 5:54 a.m.88 views

CVE-2024-22262 CVE-2024-22262: Spring Framework URL Parsing with Host Validation

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

8.1CVSS8.1AI score0.01191EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2024/04/16 5:54 a.m.53 views

CVE-2024-22262 CVE-2024-22262: Spring Framework URL Parsing with Host Validation

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

8.1CVSS6.6AI score0.01191EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2024/04/11 12:0 a.m.32 views

VMware Spring Framework < 5.3.34, 6.0.x < 6.0.19, 6.1.x < 6.1.6 SSRF Vulnerability - Linux

The VMware Spring Framework is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.1CVSS6.6AI score0.01191EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2024/04/11 12:0 a.m.43 views

VMware Spring Framework < 5.3.34, 6.0.x < 6.0.19, 6.1.x < 6.1.6 SSRF Vulnerability - Windows

The VMware Spring Framework is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.6AI score
Exploits0References2
Rows per page
Query Builder